US11516658B2 - Efficient and secure distributed signing protocol for mobile devices in wireless networks - Google Patents
Efficient and secure distributed signing protocol for mobile devices in wireless networks Download PDFInfo
- Publication number
- US11516658B2 US11516658B2 US16/460,267 US201916460267A US11516658B2 US 11516658 B2 US11516658 B2 US 11516658B2 US 201916460267 A US201916460267 A US 201916460267A US 11516658 B2 US11516658 B2 US 11516658B2
- Authority
- US
- United States
- Prior art keywords
- electronic device
- signature
- key
- intermediate value
- distributed
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active, expires
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- H04L9/3073—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3255—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/46—Secure multiparty computation, e.g. millionaire problem
Definitions
- the present invention relates to an efficient and secure two-party distributed signing protocol for the identity-based signature scheme described in the IEEE P1363 standard.
- the IEEE P1363 project is well-known for issuing standard specifications for public-key cryptography through a series of IEEE standards documents.
- the IEEE Standard 1363-2000 consists of the following parts: 1) Traditional public-key cryptography (1363-2000 & 1363a-2004); 2) Lattice-based public-key cryptography (P1363.1); 3) Password-based public key cryptography (P1363.2); and 4) Identity-based public key cryptography using pairings (P1363.3).
- the BLMQ signature scheme is the identity-based signature scheme in the IEEE P1363 standard, and has been widely used in many practical applications. However, the BLMQ signature scheme does not provide an efficient and secure two-party distributed signing protocol.
- the techniques described herein may provide an efficient and secure two-party distributed signing protocol for the identity-based signature scheme described in the IEEE P1363 standard.
- a method may comprise generating a distributed cryptographic key at a key generation center and a first other device and a second other device and generating a distributed cryptographic signature at the first other device using the second other device.
- generating the distributed cryptographic key may comprise generating, at the key generation center, a user ID private key based on a user ID, and a Pallier Paillier key pair comprising a public key and a private key, transmitting the user ID private key, the Paillier public key, and the Paillier secret key from the key generation center to the first other device, and transmitting the user ID private key and the Paillier public key from the key generation center to a second other device.
- Generating a distributed cryptographic signature may comprise transmitting a message from the first other device to a zero knowledge functionality, the message comprising a request for proof that the second other device possesses the user ID private key and in response to receiving the message from the first other device, transmitting a message from the zero knowledge functionality comprising proof that the first other device possesses the user ID private key.
- Generating a distributed cryptographic signature may further comprise in response to receiving the message from the zero knowledge functionality, transmitting a message from the second other device to the zero knowledge functionality comprising a request for proof of a relation and in response to receiving the message from the second other device, transmitting a message from the zero knowledge functionality comprising proof that the second other device possesses the relation.
- Generating a distributed cryptographic signature may further comprise in response to receiving the message from the zero knowledge functionality, transmitting a message from the second other device to the first other device comprising a challenge based on the relation and in response to receiving the message from the zero knowledge functionality and the message from the second other device, computing, at the first other device, a signature based on the user ID private key and on the challenge.
- a system may comprise a key generation center adapted to generate a distributed cryptographic key in communication with a first other device, the first other device adapted to generate a distributed cryptographic signature in communication with key generation center and using a second other device, and the second other device adapted to generate the distributed cryptographic signature in communication with the first other device.
- a computer program product comprising a non-transitory computer readable storage having program instructions embodied therewith, the program instructions executable by at least one computer system, to cause each computer system to perform a method comprising: generating a distributed cryptographic key at a key generation center and a first other device and a second other device and generating a distributed cryptographic signature at the first other device using the second other device.
- FIG. 1 illustrates an example of a typical identity-based signature architecture for the wireless environment.
- FIG. 2 illustrates an exemplary flow diagram of the BLMQ signature scheme.
- FIG. 3 illustrates an example of the Paillier cryptosystem.
- FIG. 4 illustrates an exemplary data flow diagram of distributed key generation in accordance with embodiments of the present systems and methods.
- FIG. 5 illustrates an exemplary flow diagram of Phase 1 in accordance with embodiments of the present systems and methods.
- FIG. 6 illustrates an exemplary data flow diagram of distributed signature generation in accordance with embodiments of the present systems and methods.
- FIG. 7 illustrates an exemplary flow diagram of Phase 2 in accordance with embodiments of the present systems and methods.
- FIG. 8 illustrates an example of a system in which embodiments of the present systems and methods may be implemented.
- FIG. 9 illustrates an example of results of an experiment to determine performance of the BLMQ signature scheme.
- FIG. 10 illustrates an example of results of an experiment to determine performance of the distributed key generation in accordance with embodiments of the present systems and methods.
- FIG. 11 illustrates an example of results of an experiment to determine computation costs of the distributed signature generation in accordance with embodiments of the present systems and methods.
- FIG. 12 illustrates an example of a computing device in which embodiments of the present systems and methods may be implemented.
- FIG. 1 shows a typical identity-based signature architecture 100 for the wireless environment wherein the user's private key 102 must be used when signing. Also shown in FIG. 1 , are key generation center (KGC) 104 and the user's identity (ID) 106 .
- KGC key generation center
- ID user's identity
- Threshold secret sharing schemes have been used in many applications.
- a private key is shared among n parties. Any information about the private key cannot be obtained from t ⁇ 1 or fewer shares, and with a subset of t or more shares, the whole private key can be recovered.
- threshold cryptography provides a high of level security for the private key because by corrupting less than t ⁇ 1 parties or devices, the adversary will obtain nothing about the secret.
- the (t, n)—threshold secret sharing scheme has a limitation. Specifically, any party who holds the recovered private key can sign any document without the participation of other parties. Moreover, the recovered private key is normally stored in a mobile device, which can be compromised. Several two-party protocols have also been designed to mitigate such a reconstruction limitation. Compared with the conventional secret sharing scheme, in a two-party protocol, two parties interact with each other and output a signature without recovering the private key.
- the BLMQ signature scheme is the identity-based signature scheme in the IEEE P1363 standard, and has been widely used in many practical applications.
- the present systems and method may provide an efficient and secure two-party distributed signing protocol for the identity-based signature scheme described in the IEEE P1363 standard.
- the present systems and method may provide a two-party distributed signing protocol for an identity-based signature scheme.
- Embodiments may include protocols that provide improved security, efficiency, and practicality in a wireless environment.
- Embodiments may include a novel two-party distributed signing protocol, which is a fast threshold cryptography protocol for an identity-based signature scheme.
- the protocol can generate a valid signature without recovering the private key. Further, a valid signature cannot be generated if one of the participants is not involved.
- Security analysis of embodiments of the protocol shows that the protocol can satisfy security requirements. Moreover, such security may be proven under the non-standard assumption, and satisfy the zero-knowledge proof analysis.
- H 1 and H 2 are two secure hash functions, such that H 1 : ⁇ 0,1 ⁇ * ⁇ Z q , and H 2 : ⁇ 0,1 ⁇ * ⁇ Z q .
- G 1 and G 2 be two cyclic additive groups
- G 3 be a multiplicative group
- e:G 1 ⁇ G 2 ⁇ G 3 denotes a bilinear map satisfies the following properties:
- BLMQ signature scheme An exemplary flow diagram of the BLMQ signature scheme 200 is shown in FIG. 2 .
- BLMQ signature scheme 200 includes the following four processes.
- Setup process 202 given a security parameter n, KGC produces the system parameters params.
- Setup process 202 begins at 204 , in which the process chooses G 1 ,G 2 ,G 3 and a pairing e:G 1 ⁇ G 2 ⁇ G 3 .
- sign process 218 Given a message m, the user with the identity ID generates the signature ⁇ .
- the ideal zero knowledge functionality is zk , and the standard ideal zero-knowledge functionality is defined by ((x,w), ⁇ ) ⁇ ( ⁇ ,(x,R(x,w))), where ⁇ denotes the empty string.
- Definition 1 The zero-knowledge functionality zk R for relation R: Upon receiving (prove,sid,x,w) from P i (i ⁇ 1,2 ⁇ ): if (x,w) ⁇ R or sid has been previously used, then ignore the message. Otherwise, send (proof,sid,x) to P 3-i .
- the non-interactive zero-knowledge proof of knowledge satisfying zk can be achieved in random oracle model.
- Paillier Encryption the Paillier cryptosystem may be used for encryption.
- An example of the Paillier cryptosystem 300 is shown in FIG. 3 .
- Paillier cryptosystem 300 includes the following three processes.
- Key Generation process 302 begins with 304 , in which the process chooses two equivalent length large prime numbers p and q randomly.
- Encryption process 310 begins with 312 , in which the process selects a random number r where r ⁇ Z* n .
- Enc pk ( ⁇ ) denotes the encrypt operation using public key pk
- Dec sk ( ⁇ ) denotes the decrypt operation using private key sk.
- the present systems and methods may provide a two-party distributed signing protocol for the identity-based signature scheme described in IEEE P1363.
- the two key phases are the distributed key generation phase and the distributed signature generation phase.
- FIG. 4 An exemplary data flow diagram of distributed key generation 400 is shown in FIG. 4 . It is best viewed in conjunction with FIG. 5 , which is an exemplary flow diagram of Phase 1 500 . As shown in FIG. 4 , KGC 104 distributes the private key K ID into two parts.
- KGC generates a Paillier key-pair (pk,sk) for P 1 .
- KGC 104 sends (K ID (1) ,pk,sk) 412 to P 1 414 , and sends (K ID (2) ,pk) 416 to P 2 418 .
- P 1 414 stores (ID,K ID (1) ,pk,sk) 420 and the public parameter P
- P 2 chooses a random integer
- FIG. 6 An exemplary data flow diagram of distributed signature generation 600 is shown in FIG. 6 . It is best viewed in conjunction with FIG. 7 , which is an exemplary flow diagram of Phase 2 700 .
- Phase 2 Distributed Signature Generation 700 begins with 704 , in which P 1 's 602 first message is generated by, at 706 , P 1 602 chooses
- R 1 g r 1 604 .
- P 1 602 generates 608 and sends (prove,1,(R 1 ,C 1 ),(r 1 ,sk)) 610 to zk R PDL .
- P 2 's 612 first message is generated by, at 714 , P 2 612 receives (proof,1,(R 1 ,C 1 )) 610 from zk R PDL , if not, it aborts.
- P 2 612 verifies ⁇ 1 604 , chooses
- R 2 g r 2 612 .
- P 2 612 generates 614 and sends (prove,2,R 2 ,r 2 ) 620 to zk R DL .
- P 2 612 chooses
- P 1 602 generates the output by, at 728 , P 1 602 receives (proof,2,R 2 ) 620 from zk R DL ; if not; it aborts.
- P 1 602 verifies (h,S) 626 by the identity ID, if the signature is valid, it then outputs (h,S) 626 , otherwise, it aborts.
- IND-CPA Security Let be a PPT adversary, C be a challenger.
- the IND-CPA security is defined by the following game with a negligible advantage.
- the distributed signature generation phase In the distributed signature generation phase, we define the experiment Dist , ⁇ (1 n ) an adversary A who can control a party P b (b ⁇ 1,2). In protocol ⁇ , the honest party P 3-b instructs a stateful oracle ⁇ b (.,.). can choose which message needs to be signed, and can interact with party P 3-b . In this definition, the distributed signature generation phase should run after the distributed key generation phase. The oracle is queried by two inputs: a session identifier and an input, and works as follows:
- BLMQ is combined with two functions: extraction and signing.
- the extraction function can be queried only once, after the key extraction phase, the signing function can be queried an arbitrary number of times.
- BLMQ works with parties P 1 and P 2 , and is defined as follows:
- the probability of S forging a signature in Sign is at least
- Phase 2 computes BLMQ securely in the zk , model in the presence of a malicious static adversary.
- the MIRACL Cryptographic SDK may be used to implement embodiments of protocols.
- embodiments of protocols were implemented and deployed on two Android devices (Google Nexus 6 with a Quad-core, 2.7 GHz processor, 3G bytes memory and the Google Android 7.1.2 operating system; Samsung Galaxy Nexus with a dual-core 1.2 GHz processor, 1G bytes memory and the Google Android 4.0 operating system) and a PC with an i7-6700 processor, 8G bytes memory and the Microsoft Windows 7 operating system.
- the two Android phones denote two participants 802 , 804
- the PC 806 represents the KGC.
- Table 1 shows the different security levels of the curves.
- MNT k 6 curve that achieves AES-80 security.
- KSS k 18 curve that achieves AES-192 security.
- the BLMQ signature scheme was implemented on a Samsung Galaxy Nexus, and the running time of each algorithm for BLMQ signature scheme is shown in Table 2 and FIG. 9 .
- Table 3 and FIG. 10 show the running times of the instances and the verification algorithm.
- Step 1 denotes the progress made by P 1 before P 1 sends a message to P 2
- Step 2 denotes the progress made by P 2
- Step 3 denotes the progress made by P 1 after receiving message from P 2
- Table 5 presents the total running times.
- Computing device 1200 may typically be implemented using one or more programmed general-purpose computer systems, such as embedded processors, systems on a chip, personal computers, workstations, server systems, and minicomputers or mainframe computers, or in distributed, networked computing environments.
- Computing device 1200 may include one or more processors (CPUs) 1202 A- 1202 N, input/output circuitry 1204 , network adapter 1206 , and memory 1208 .
- CPUs 1202 A- 1202 N execute program instructions in order to carry out the functions of the present communications systems and methods.
- CPUs 1202 A- 1202 N are one or more microprocessors, such as an INTEL CORE® processor.
- FIG. 12 illustrates an embodiment in which computing device 1200 is implemented as a single multi-processor computer system, in which multiple processors 1202 A- 1202 N share system resources, such as memory 1208 , input/output circuitry 1204 , and network adapter 1206 .
- the present communications systems and methods also include embodiments in which computing device 1200 is implemented as a plurality of networked computer systems, which may be single-processor computer systems, multi-processor computer systems, or a mix thereof.
- Input/output circuitry 1204 provides the capability to input data to, or output data from, computing device 1200 .
- input/output circuitry may include input devices, such as keyboards, mice, touchpads, trackballs, scanners, analog to digital converters, etc., output devices, such as video adapters, monitors, printers, etc., and input/output devices, such as, modems, etc.
- Network adapter 1206 interfaces device 1200 with a network 1210 .
- Network 1210 may be any public or proprietary LAN or WAN, including, but not limited to the Internet.
- Memory 1208 stores program instructions that are executed by, and data that are used and processed by, CPU 1202 to perform the functions of computing device 1200 .
- Memory 1208 may include, for example, electronic memory devices, such as random-access memory (RAM), read-only memory (ROM), programmable read-only memory (PROM), electrically erasable programmable read-only memory (EEPROM), flash memory, etc., and electro-mechanical memory, such as magnetic disk drives, tape drives, optical disk drives, etc., which may use an integrated drive electronics (IDE) interface, or a variation or enhancement thereof, such as enhanced IDE (EIDE) or ultra-direct memory access (UDMA), or a small computer system interface (SCSI) based interface, or a variation or enhancement thereof, such as fast-SCSI, wide-SCSI, fast and wide-SCSI, etc., or Serial Advanced Technology Attachment (SATA), or a variation or enhancement thereof, or a fiber channel-arbitrated loop (FC-AL) interface.
- RAM random-access memory
- ROM read-only
- the contents of memory 1208 may vary depending upon the function that computing device 1200 is programmed to perform.
- exemplary memory contents are shown representing routines and data for embodiments of the processes described above.
- routines along with the memory contents related to those routines, may not be included on one system or device, but rather distributed among a plurality of systems or devices, based on well-known engineering considerations.
- the present systems and methods may include any and all such arrangements.
- memory 1208 is shown as including both key generation center routines 1210 and user device routines 1212 .
- key generation center may be implemented using one or more server computer systems and may include only key generation center routines 1210
- a user device may be may be implemented using a mobile device, such as a smartphone, and may include only user device routines 1212 .
- key generation center routines 1210 may include key generation routines 1214 and signature generation routines 1216
- user device routines 1212 may include key generation routines 1218 and signature generation routines 1220
- Key generation routines 1214 may include software routines to perform the KGC portion of Phase 1 of embodiments of processes, as described above.
- Signature generation routines 1216 may include software routines to perform the KGC portion of Phase 2 of embodiments of processes, as described above.
- Key generation routines 1218 may include software routines to perform the user device portion of Phase 1 of embodiments of processes, as described above.
- Signature generation routines 1220 may include software routines to perform the user device portion of Phase 2 of embodiments of processes, as described above.
- Operating system 1222 may provide overall system functionalities.
- the present communications systems and methods may include implementation on a system or systems that provide multi-processor, multi-tasking, multi-process, and/or multi-thread computing, as well as implementation on systems that provide only single processor, single thread computing.
- Multi-processor computing involves performing computing using more than one processor.
- Multi-tasking computing involves performing computing using more than one operating system task.
- a task is an operating system concept that refers to the combination of a program being executed and bookkeeping information used by the operating system. Whenever a program is executed, the operating system creates a new task for it. The task is like an envelope for the program in that it identifies the program with a task number and attaches other bookkeeping information to it.
- Multi-tasking is the ability of an operating system to execute more than one executable at the same time.
- Each executable is running in its own address space, meaning that the executables have no way to share any of their memory.
- the programs have no way to exchange any information except through the operating system (or by reading files stored on the file system).
- Multi-process computing is similar to multi-tasking computing, as the terms task and process are often used interchangeably, although some operating systems make a distinction between the two.
- the present invention may be a system, a method, and/or a computer program product at any possible technical detail level of integration.
- the computer program product may include a computer readable storage medium (or media) having computer readable program instructions thereon for causing a processor to carry out aspects of the present invention.
- the computer readable storage medium can be a tangible device that can retain and store instructions for use by an instruction execution device.
- the computer readable storage medium may be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing.
- a non-exhaustive list of more specific examples of the computer readable storage medium includes the following: a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a static random access memory (SRAM), a portable compact disc read-only memory (CD-ROM), a digital versatile disk (DVD), a memory stick, a floppy disk, a mechanically encoded device such as punch-cards or raised structures in a groove having instructions recorded thereon, and any suitable combination of the foregoing.
- a computer readable storage medium is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (for example, light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire.
- Computer readable program instructions described herein can be downloaded to respective computing/processing devices from a computer readable storage medium or to an external computer or external storage device via a network, for example, the Internet, a local area network, a wide area network and/or a wireless network.
- the network may comprise copper transmission cables, optical transmission fibers, wireless transmission, routers, firewalls, switches, gateway computers, and/or edge servers.
- a network adapter card or network interface in each computing/processing device receives computer readable program instructions from the network and forwards the computer readable program instructions for storage in a computer readable storage medium within the respective computing/processing device.
- Computer readable program instructions for carrying out operations of the present invention may be assembler instructions, instruction-set-architecture (ISA) instructions, machine instructions, machine dependent instructions, microcode, firmware instructions, state-setting data, configuration data for integrated circuitry, or either source code or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C++, or the like, and procedural programming languages, such as the “C” programming language or similar programming languages.
- the computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server.
- the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).
- LAN local area network
- WAN wide area network
- Internet Service Provider an Internet Service Provider
- electronic circuitry including, for example, programmable logic circuitry, field-programmable gate arrays (FPGA), or programmable logic arrays (PLA) may execute the computer readable program instructions by utilizing state information of the computer readable program instructions to personalize the electronic circuitry, in order to perform aspects of the present invention.
- FPGA field-programmable gate arrays
- PLA programmable logic arrays
- These computer readable program instructions may also be stored in a computer readable storage medium that can direct a computer, a programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer readable storage medium having instructions stored therein comprises an article of manufacture including instructions which implement aspects of the function/act specified in the flowchart and/or block diagram block or blocks.
- the computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other device to cause a series of operational steps to be performed on the computer, other programmable apparatus or other device to produce a computer implemented process, such that the instructions which execute on the computer, other programmable apparatus, or other device implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
- each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s).
Abstract
Description
-
- 1. For a1,a2∈G1 and b1,b2 ∈G2, e(a1+a2,b1)=e(a1,b1)e(a2,b1) and e(a1,b1+b2)=e(a1,b1)e(a1,b2).
- 2. For all 0≠a∈G1, there exists b∈G2 such that e(a,b)≠1.
- 3. For all 0≠b∈G2, there exists a∈G1 such that e(a,b)≠1.
At 232, if h=H2(m,u), then the process outputs 1, otherwise the process outputs 0.
-
- 1. Decsk(Encpk(m1)·Encpk(m2))=m1+m2.
- 2. Decsk(Encpk(m1)m
2 )=m1m2.
Let c1=Encpk(m1), c2=Encpk(m2), then c1⊕c2=Encpk(m1+m2), m2⊗c1=Encp,(m1)m2 .
and computes the encryption of S″=(r1r2+h+ρ·q)·KID (2). Then, P1 can compute S′=S″·t1, and finally computes the signature S=S′·Q1.
and computes R1=
and computes R2=
and computes C2=KID (2)⊗(r2⊗C1⊗Encpk(ρ·q+h)) 618. At 724,
-
- 1. C generates the key-pair (pk,sk), obtains pk.
- 2. outputs two messages m0,m1 (|m0|=|m1|).
- 3. C selects
-
- and encrypts mb such that C*=Encpk(mb), then returns C* to C.
- 4. outputs b′, wins the game when b′=b.
-
- 1. (vk,sk)←Gen(1n).
- 2. (m*, σ*)← sign
sk (·)(1n,vk). - 3. Let be the set of all m which can be queried. can query oracle with m. Then, the experiment outputs 1 if m*∉ and Verify(m*,σ*)=1.
Pr[ ,π(1n)=1]<μ(n)
-
- 1. Upon receiving a query (sid,m), and if the distributed key generation phase has not been executed, then the oracle output ⊥.
- 2. Upon receiving a query (sid,m) after the distributed key generation phase has been executed, the oracle invokes a machine Msid which is instructed by P3-b in protocol Π. Msid is initialized with key share and any stored information from KGC in the distributed key generation phase. If P3-b sends the first message in the signing phase, then the oracle outputs this message.
- 3. Upon receiving a query (sid,m) after the distributed key generation phase has executed and sid has been queried, the oracle sends the message m to Msid, and returns the next message output from Msid. If Msid finishes execution, then it returns Msid's output.
-
- 1. (m*, σ* )← (Π
b (.,.))(1n). - 2. Let be the set of all m which can be queried. can query oracle with (sid,m). Then, the experiment outputs 1 if m*∉ and Verify(m*, σ*)=1.
- 1. (m*, σ* )← (Π
-
- 1. After receiving Extract(params,ID) from both P1 and P2:
- (a)Generate a BLMQ key pair (hID,KID) by computing hID=H1(ID), and choosing a random number
- 1. After receiving Extract(params,ID) from both P1 and P2:
-
-
- Compute KID(hID+s)−1Q1. Choose a hash function Hq:{0,1}*→{0,1}└ log \q\┘ and store params,ID,Hq,KID
- (b) Send hID and Hq to both P1 and P2.
- (c) Ignore future queries to Extract.
- 2. After receiving Sign(sid,m) from both P1 and P2, if Extract was queried and sid has not been used, then compute a BLMQ signature (h,S) of the message m by follows:
- (a) Choose a number
-
-
-
- compute u=gr.
- (b) Compute h-Hq(m,u), and S(r+h)KID.
-
-
- 1. Generate a Paillier key pair (pk,sk).
- 2. Select r0,
and compute R=r0·G.
-
- 3. Select b∈{0,1} and compute C=Encpk(rb).
- 4. Let b′= O
C (.,.,.) if Decsk(C′)=α+β·rbq, OC(C′, α, β)=1 - 5. If and only if b′b, the experiment outputs 1.
|Pr[SignS,π(1n)=1]−Pr[Dist ,529(1n)]=11≤μ(n) (1)
-
- 1. In Sign, S receives (1n,ID), where ID is the user's identity which could generate the user's public key H1(ID).
- 2. S invokes A on
input 1n and simulates oracle in DistSign. Upon receiving a query (sid,m), where sid is a new session identifier, S queries its signing oracle in Sign with m and receives a signature (h,S) where S=S ·Q1. We slightly modify the oracle that lets the signing oracle returnS to the simulator S. We let the adversary compute t1·Decsk(C2). u can be computed by the BLMQ signature verification algorithm. Then, queries S with identifier sid. The query is processed as follows:- (a) The first message (sid,m1) is processed by parsing the message m1 since m1=(prove,1,(R1,C1),(r1,sk)). If R1=gr
1 and C1=Encpk(r1), then S sets R2=ul/r1 , and sets the oracle's reply message is (proof,2,R2) and sends it to . Otherwise, S simulates P2 abortion. - (b) S chooses
- (a) The first message (sid,m1) is processed by parsing the message m1 since m1=(prove,1,(R1,C1),(r1,sk)). If R1=gr
then computes C2=Encpk(
-
- 3. Once halts and outputs (m*,σ*), S outputs (m*,σ*) and halts.
randomly, where p(n) is the upper bound number of queries made by A. S chooses i with the probability of
that is S simulates A's view with a probability of
The probability of S forging a signature in Sign is at least
times of the probability that A forges a signature in DistSign.
-
- 1. In Sign, s receives (1n,ID), where ID is the identity to generate the user's public key H1(ID).
- 2. S invokes on
input 1n and simulates oracle in DistSign. Upon receiving a query (sid,m), where sid is a new session identifier, S sets the oracle reply with (proof,1,R1,C1) where R1=u1/r2 , and sends it to . Then, S queries its signing oracle in Sign with m and receives a signature (h,S) and S can compute u in the BLMQ signature verification algorithm. Then, queries S with identifier sid, which is processed as follows:- (a) The first message (sid,m1) is processed by parsing m1 as (prove,2,R2,r2) which should be sent to
-
-
- S verifies the equation R2=gr
2 and if the equation does not hold, it simulates P1 causing it to abort the protocol. - (b) The second message (sid,m2) is processed by parsing m2 as C2. If this is the ith query by , then S simulates P1's abortion. Otherwise, it continues.
- S verifies the equation R2=gr
- 3. Once halts and outputs (m*,σ*), S outputs (m*,σ*) and halts.
-
-
- 1. On input Sign(sid,m), S sends Sign(sid,m) to BLMQ and receives a signature (h,S).
- 2. S computes u using the BLMQ verification procedure.
- 3. S invokes with input Sign(sid,m) and simulates the following messages to ensure that the result is u:
- (a) S receives (prove,1,(R1,C1),(r1,sk)) from .
- (b) If R1=gr
1 , then S sets R2=u1/r1 , and sends (proof,2,R2) to . - Otherwise, S simulates P2 abort, sends abortion to BLMQ.
- 4. S chooses ρrZq, then computes C2=Encpk(
S +ρ·q)(t1)−1, whereS is the value from the signature S received from BLMQ, and sets the oracle reply with C2.
-
- 1. On input Sign(sid,m), S sends Sign(sid,m) to BLMQ and receives a signature (h,S).
- 2. S computes u using the BLMQ verification procedure.
- 3. S invokes with Sign(sid,m), sets R1=u1/r
2 and sends the message (proof,1,(R1,C1)) internally. - 4. S receives (prove,2,R2,r2) which indicates that intends to send to
-
- 5. S verifies the equation R2=gr
2 . If the equation does not hold, then S simulates P1 aborting. - 6. S receives C2 from P2, decrypts C2 by using sk and reduces the result by modulo q. S checks if it is equal to (({tilde over (r)}1r2+h)KID (2))q, where C1=Encpk({tilde over (r)}1) If the equation holds, then S sends ‘continue’ to the trusted party P1, and lets P1 provide the output. Otherwise, S sends ‘abort’ to P1 to instruct P1 to abort.
- 5. S verifies the equation R2=gr
R DL={(G 3 ,g,R,R,r)|R=g r}
compute K=gk.
TABLE 1 |
Security level |
Symmetric cipher key | Bitlength of p in prime | |||
Type | length | field Fp | ||
MNT k = 6 | 80 | 160 | ||
BN k = 12 | 128 | 256 | ||
KSS k = 18 | 192 | 512 | ||
BLS k = 24 | 256 | 640 | ||
TABLE 2 |
Each algorithm of BLMQ Signature (averages |
were computed over 1,000 executions). |
KeyGen | Sign | Verify | |
CurveAlgorithm | (milliseconds) | (milliseconds) | (milliseconds) |
k = 6 | 5.83 | 22.16 | 139.94 |
k = 12 | 8.22 | 66.01 | 188.61 |
k = 18 | 25.99 | 733.96 | 2738.34 |
k = 24 | 61.76 | 18676.92 | 36478.61 |
TABLE 3 |
Distributed key generation and verification (averages |
were computed over 1,000 executions). |
Setup | Distribute | Verify | |
CurveProgress | (milliseconds) | (milliseconds) | (milliseconds) |
k = 6 | 145.27 | 567.42 | 122.42 |
k = 12 | 145.92 | 1107.8 | 191.17 |
k = 18 | 2055.02 | 6211.14 | 2364.34 |
k = 24 | 18506.28 | 8268.26 | 32116.37 |
TABLE 4 |
Distributed signature generation (averages |
were computed over 1,000 executions). |
| Step | 1 | |
Step 3 |
k = 6 | 146.03 | ms | 222.43 | ms | 134.49 | ms |
k = 12 | 198.28 | ms | 336.42 | ms | 174.83 | ms |
k = 18 | 1647.47 | ms | 2782.22 | ms | 1505.2 | ms |
k = 24 | 18419.27 | ms | 35972.69 | ms | 17812.87 | ms |
TABLE 5 |
Distributed signature generation run |
time (average over 1,000 executions). |
CurveDevice | P1 | P2 | |||
k = 6 | 280.52 | ms | 222.43 | ms | ||
k = 12 | 373.11 | ms | 336.42 | ms | ||
k = 18 | 3152.67 | ms | 2782.22 | ms | ||
k = 24 | 36232.14 | ms | 35972.69 | ms | ||
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/460,267 US11516658B2 (en) | 2018-07-03 | 2019-07-02 | Efficient and secure distributed signing protocol for mobile devices in wireless networks |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201862693585P | 2018-07-03 | 2018-07-03 | |
US16/460,267 US11516658B2 (en) | 2018-07-03 | 2019-07-02 | Efficient and secure distributed signing protocol for mobile devices in wireless networks |
Publications (2)
Publication Number | Publication Date |
---|---|
US20200015078A1 US20200015078A1 (en) | 2020-01-09 |
US11516658B2 true US11516658B2 (en) | 2022-11-29 |
Family
ID=69102418
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/460,267 Active 2040-06-19 US11516658B2 (en) | 2018-07-03 | 2019-07-02 | Efficient and secure distributed signing protocol for mobile devices in wireless networks |
Country Status (1)
Country | Link |
---|---|
US (1) | US11516658B2 (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11516658B2 (en) * | 2018-07-03 | 2022-11-29 | Board Of Regents, The University Of Texas System | Efficient and secure distributed signing protocol for mobile devices in wireless networks |
US11240001B2 (en) * | 2018-11-06 | 2022-02-01 | International Business Machines Corporation | Selective access to asset transfer data |
WO2022154790A1 (en) * | 2021-01-14 | 2022-07-21 | Hewlett-Packard Development Company, L.P. | Authenticating devices and components |
CN114697046B (en) * | 2022-06-01 | 2022-09-30 | 湖南三湘银行股份有限公司 | Security authentication method and system based on SM9 secret |
Citations (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060285683A1 (en) * | 2004-10-01 | 2006-12-21 | Lakshminarayanan Anatharaman | Method for cryptographically processing a message, method for generating a cryptographically processed message, method for performing a cryptographic operation on a message, computer system, client computer, server computer and computer program elements |
US20090106551A1 (en) * | 2006-04-25 | 2009-04-23 | Stephen Laurence Boren | Dynamic distributed key system and method for identity management, authentication servers, data security and preventing man-in-the-middle attacks |
US20100235588A1 (en) * | 2007-02-16 | 2010-09-16 | Manabu Maeda | Shared information distributing device, holding device, certificate authority device, and system |
US8356182B2 (en) * | 2006-09-01 | 2013-01-15 | Nec Corporation | Electronic signature system and electronic signature verifying method |
US20130054971A1 (en) * | 2011-08-26 | 2013-02-28 | Takahiro Yamaguchi | Terminal device, verification device, key distribution device, content playback method, key distribution method, and computer program |
US20130073845A1 (en) * | 2010-05-28 | 2013-03-21 | Nec Corporation | Anonymous credential system, user device, verification device, anonymous credential method, and anonymous credential program |
US8762729B2 (en) * | 2010-10-04 | 2014-06-24 | Electronics And Telecommunications Research Institute | Group signature system and method providing controllable linkability |
US20150019868A1 (en) * | 2013-07-15 | 2015-01-15 | Korea University Research And Business Foundation | Public encryption method based on user id |
US20150312759A1 (en) * | 2014-04-25 | 2015-10-29 | Samsung Electronics Co., Ltd. | Mobile device and method of sharing content |
US20160080157A1 (en) * | 2014-09-16 | 2016-03-17 | Keypasco Ab | Network authentication method for secure electronic transactions |
US20170272433A1 (en) * | 2016-03-18 | 2017-09-21 | Mohit Yashpal Jaggi | Method and system for storing and accessing client device information in a distributed set of nodes |
US20180145825A1 (en) * | 2015-06-18 | 2018-05-24 | Nec Corporation | Cipher-information generation device, cipher-information generation method, storage medium, and collation system |
US20180302217A1 (en) * | 2015-12-30 | 2018-10-18 | Universidad De Chile | System and method for secure electronic communications by means of security hardware based on threshold cryptography |
US20190294820A1 (en) * | 2018-03-20 | 2019-09-26 | Entit Software Llc | Converting plaintext values to pseudonyms using a hash function |
US10498537B2 (en) * | 2016-08-01 | 2019-12-03 | Institute For Development And Research In Banking Technology (Drbt) | System and method for providing secure collaborative software as a service (SaaS) attestation service for authentication in cloud computing |
US20200005173A1 (en) * | 2018-06-27 | 2020-01-02 | International Business Machines Corporation | Method for performing a disjunctive proof for two relations |
US20200015078A1 (en) * | 2018-07-03 | 2020-01-09 | Board Of Regents, The University Of Texas System | Efficient and secure distributed signing protocol for mobile devices in wireless networks |
-
2019
- 2019-07-02 US US16/460,267 patent/US11516658B2/en active Active
Patent Citations (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060285683A1 (en) * | 2004-10-01 | 2006-12-21 | Lakshminarayanan Anatharaman | Method for cryptographically processing a message, method for generating a cryptographically processed message, method for performing a cryptographic operation on a message, computer system, client computer, server computer and computer program elements |
US20090106551A1 (en) * | 2006-04-25 | 2009-04-23 | Stephen Laurence Boren | Dynamic distributed key system and method for identity management, authentication servers, data security and preventing man-in-the-middle attacks |
US8356182B2 (en) * | 2006-09-01 | 2013-01-15 | Nec Corporation | Electronic signature system and electronic signature verifying method |
US20100235588A1 (en) * | 2007-02-16 | 2010-09-16 | Manabu Maeda | Shared information distributing device, holding device, certificate authority device, and system |
US20130073845A1 (en) * | 2010-05-28 | 2013-03-21 | Nec Corporation | Anonymous credential system, user device, verification device, anonymous credential method, and anonymous credential program |
US8762729B2 (en) * | 2010-10-04 | 2014-06-24 | Electronics And Telecommunications Research Institute | Group signature system and method providing controllable linkability |
US20130054971A1 (en) * | 2011-08-26 | 2013-02-28 | Takahiro Yamaguchi | Terminal device, verification device, key distribution device, content playback method, key distribution method, and computer program |
US20150019868A1 (en) * | 2013-07-15 | 2015-01-15 | Korea University Research And Business Foundation | Public encryption method based on user id |
US20150312759A1 (en) * | 2014-04-25 | 2015-10-29 | Samsung Electronics Co., Ltd. | Mobile device and method of sharing content |
US20160080157A1 (en) * | 2014-09-16 | 2016-03-17 | Keypasco Ab | Network authentication method for secure electronic transactions |
US20180145825A1 (en) * | 2015-06-18 | 2018-05-24 | Nec Corporation | Cipher-information generation device, cipher-information generation method, storage medium, and collation system |
US20180302217A1 (en) * | 2015-12-30 | 2018-10-18 | Universidad De Chile | System and method for secure electronic communications by means of security hardware based on threshold cryptography |
US20170272433A1 (en) * | 2016-03-18 | 2017-09-21 | Mohit Yashpal Jaggi | Method and system for storing and accessing client device information in a distributed set of nodes |
US10498537B2 (en) * | 2016-08-01 | 2019-12-03 | Institute For Development And Research In Banking Technology (Drbt) | System and method for providing secure collaborative software as a service (SaaS) attestation service for authentication in cloud computing |
US20190294820A1 (en) * | 2018-03-20 | 2019-09-26 | Entit Software Llc | Converting plaintext values to pseudonyms using a hash function |
US20200005173A1 (en) * | 2018-06-27 | 2020-01-02 | International Business Machines Corporation | Method for performing a disjunctive proof for two relations |
US20200015078A1 (en) * | 2018-07-03 | 2020-01-09 | Board Of Regents, The University Of Texas System | Efficient and secure distributed signing protocol for mobile devices in wireless networks |
Non-Patent Citations (1)
Title |
---|
Garay et al., Strengthening Zero-Knowledge Protocols Using Signatures, 2003, Bell Labs—Lucent Technologies, pp. 177-192 (Year: 2003). * |
Also Published As
Publication number | Publication date |
---|---|
US20200015078A1 (en) | 2020-01-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10742413B2 (en) | Flexible verifiable encryption from lattices | |
US11516658B2 (en) | Efficient and secure distributed signing protocol for mobile devices in wireless networks | |
US9853816B2 (en) | Credential validation | |
US20150100785A1 (en) | Method for ciphering a message via a keyed homomorphic encryption function, corresponding electronic device and computer program product | |
CN112106322A (en) | Password-based threshold token generation | |
CN103733564A (en) | Digital signatures with implicit certificate chains | |
US11310039B2 (en) | Lightweight distributed signature protocol for mobile computing and IoT devices | |
CN101931536B (en) | Method for encrypting and authenticating efficient data without authentication center | |
US20120323981A1 (en) | Proxy calculation system, proxy calculation method, proxy calculation requesting apparatus, and proxy calculation program and recording medium therefor | |
Bai et al. | Elliptic curve cryptography based security framework for Internet of Things (IoT) enabled smart card | |
CN108632031B (en) | Key generation device and method, encryption device and method | |
US11165592B2 (en) | Systems and methods for a butterfly key exchange program | |
US20150333905A1 (en) | Methods and devices for securing keys when key-management processes are subverted by an adversary | |
US9544144B2 (en) | Data encryption | |
Zhang et al. | Efficient and provably secure distributed signing protocol for mobile devices in wireless networks | |
CN101931535A (en) | Method for adaptively performing data encryption and authentication without authentication center | |
Wang et al. | Perfect ambiguous optimistic fair exchange | |
KR102304831B1 (en) | Encryption systems and method using permutaion group based cryptographic techniques | |
Li et al. | A verifiable multi-secret sharing scheme based on short integer solution | |
Zhang et al. | Efficient and secure two-party distributed signing protocol for the gost signature algorithm | |
Elshobaky et al. | Implementation of schnorr signcryption algorithm on dsp | |
US11095452B2 (en) | Out-of-band authentication in group communications | |
Kunz-Jacques et al. | Using hash-based signatures to bootstrap quantum key distribution | |
Duc et al. | DiAE: Re-rolling the DiSE | |
Soman | Lightweight Elliptical Curve Cryptography (ECC) for Data Integrity and User Authentication in Smart Transportation IoT System |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FEPP | Fee payment procedure |
Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY |
|
FEPP | Fee payment procedure |
Free format text: ENTITY STATUS SET TO SMALL (ORIGINAL EVENT CODE: SMAL); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS |
|
AS | Assignment |
Owner name: BOARD OF REGENTS, THE UNIVERSITY OF TEXAS SYSTEM, TEXAS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:HE, DEBIAO;CHOO, KIM KWANG;REEL/FRAME:061071/0210 Effective date: 20220912 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |